Aggregator

A spear-phishing campaign aimed to compromise Russian and Belarusian military personnel by using military-themed documents as a lure has been flagged by Cyble and Seqrite security researchers. The goal of the campaign is to get targets to download and open a booby-trapped LNK file masquerading as a PDF, ultimately leading to a complete system compromise. The spear-phishing campaign The campaign spotted by Cyble Research and Intelligence Labs (CRIL) in October 2025 used a weaponized ZIP … More →

The post Cyber-espionage campaign mirroring Sandworm TTPs hit Russian and Belarusian military appeared first on Help Net Security.

The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions on their popular code marketplace. The organization has now contained the situation and outlined concrete steps to prevent future attacks. Earlier this month, security researchers at Wiz identified several developer tokens that had been accidentally […]

The post Open VSX Registry Responds to Leaked Tokens and Malicious Extension Incident appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Security researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain complete control of UniFi devices without requiring any credentials or user interaction, posing significant risks to organizations using UniFi Dream Machine routers […]

The post Critical UniFi OS Flaw Enables Remote Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

You must login to view this content

Proton has launched a new initiative called the Data Breach Observatory. This program reveals serious problems that exist on the internet. The cybersecurity company revealed that over 300 million stolen credentials are currently circulating on dark web cybercrime markets, putting businesses and individuals at unprecedented risk. This massive exposure highlights the growing underground economy built […]

The post Proton Exposes 300 Million Stolen Credentials Available for Sale on Dark Web Cybercrime Markets appeared first on Cyber Security News.